<?php
class Application_Plugin_Acl extends Zend_Controller_Plugin_Abstract{
	public function preDispatch(Zend_Controller_Request_Abstract $request)
	{
		$acl = new Zend_Acl;

		$acl->addRole(new Zend_Acl_Role('gość'));
		$acl->addRole(new Zend_Acl_Role('wykładowca'), 'gość');
		$acl->addRole(new Zend_Acl_Role('techniczny'), 'wykładowca');
		$acl->addRole(new Zend_Acl_Role('administrator'));
		

		$acl->add(new Zend_Acl_Resource('admin'));
		$acl->add(new Zend_Acl_Resource('technical'));
		$acl->add(new Zend_Acl_Resource('lecturer'));
		$acl->add(new Zend_Acl_Resource('default'));
		$acl->allow('gość', null);
/*
		$acl->allow('gość', 'lecturer', null);
		$acl->allow('gość', 'technical', null);
		$acl->allow('gość', 'admin', null);
		
		$acl->allow('wykładowca', 'default', null);
		$acl->allow('wykładowca', 'lecturer', null);
		
		
		$acl->allow('techniczny', 'default', null);
		$acl->allow('techniczny', 'lecturer', null);
		$acl->allow('techniczny', 'technical', null);
		
		
		$acl->allow('administrator', 'default', null);
		$acl->allow('administrator', 'lecturer', null);
		$acl->allow('administrator', 'technical', null);
		$acl->allow('administrator', 'admin', null);
		*/
		$identity = '';
		$role = '';
		$auth = Zend_Auth::getInstance();
		if ($auth->hasIdentity()) {
			$identity = $auth->getIdentity();
			$role = $identity->designation;
		} else {
			$role = 'gość';
		}
		$controller = $request->controller;
		$module = $request->module;
		$action = $request->action;
		if (!$acl->isAllowed($role, $module, $action)) {
			if(!$this->checkCookie()){
				$request->setModuleName('default');
				$request->setControllerName('index');
				$request->setActionName('index');
			}
		}
		 
	}
	private function checkCookie(){
		if(!isset($_COOKIE['log']))
		return false;
		return $this->_process($_COOKIE['log'],$_COOKIE['pas']);
	}
	protected function _process($email, $password)
	{
 				$adapter = $this->_getAuthAdapter();
                                $adapter->setIdentity($email); 
                                
                                $adapter->setCredential($password);
                                //$adapter->setCredentialTreatment('SHA1(CONCAT(?,hashcode))');
                                
                                

		$auth = Zend_Auth::getInstance();
		$result = $auth->authenticate($adapter);
		if ($result->isValid()) {
			$dbAdapter = Zend_Db_Table::getDefaultAdapter();
			$user = $adapter->getResultRowObject();
			$idRole = $user->role_id;
			$roleObj = new Application_Model_Dao_Role();
			$designation = $roleObj->getRole($idRole);
			$user->designation = $designation;
			$auth->getStorage()->write($user);
			return true;
		}
		return false;
	}
protected function _getAuthAdapter()
    {
        $dbAdapter = Zend_Db_Table::getDefaultAdapter();
        $authAdapter = new Zend_Auth_Adapter_DbTable($dbAdapter,'users','email','password');

                            
                        
                        return $authAdapter;
    }

}